What The Human Body Can Teach You To Combat Cyber Attacks

David Masson
Darktrace’s Country Manager for Canada with over two decades of experience working in fast moving security and intelligence environments.

ADVERTISEMENT

Cyber attacks make global headlines on a near weekly basis and Canadian organizations are not immune. Most will remember the hack of Ashley Madison, revealing personal user information of over 39 million embarrassed individuals. Avid Life Media, the brand's parent company, promptly saw its CEO depart, and now faces a $578 million class action lawsuit. Ashley Madison is not the only Canadian organization to have suffered at the hands of a cyber attacker. In the past few years, Canada Revenue Agency, the Association of Professional Engineers and Geoscientists of Alberta, and Rogers Communications have also fallen victim to damaging cyber attacks.

While the headlines tell of customer data being targeted and websites defaced, the attacks that pose the greatest risk are those that have yet to happen. These quiet and stealthy attacks come from inconspicuous and clever hackers that gain access to a network, and operate without sounding any alarms. Imagine, for example, a piece of malware that sits quietly within a network for weeks, or even months. It has total surveillance of the network and learns to blend in, patiently waiting before making a move. When the malware finally becomes active, sometimes for just a few seconds, it can prove fatal to the organization. One could be lying dormant in your network right now.

Another type of attack on the rise is ransomware, a form of malware that moves at machine speed. Ransomware hacks into an operating system, rapidly encrypts critical data, and demands that the organization or individual pay a ransom fee to obtain the decryption keys. Canadian academic institutions, hospitals, and non-profits have fallen victim to these attacks in the last few months alone.

The current attack landscape is too advanced for traditional approaches to cyber security, including firewalls and antivirus software, to defend against. Sophisticated attackers engineer threats and viruses unlike anything we've ever seen before, rendering useless our preprogrammed, legacy security systems and outwitting even the quickest IT managers. Humans just aren't able to identify tomorrow's fast-moving and intelligent attacks in advance, which are good at blending into the everyday hum of the network. We are entering a new era of machine-based cyber attacks.

To tackle this challenge, organizations today are looking to the biological world for new inspiration. Just as the human immune system understands 'self' -what is normal for your body and what is foreign- immune system cyber security can understand a 'pattern of life' for every network, device, and user. It then recognizes what is normal for an organization's network and can detect anomalies. Advanced algorithms that use machine learning behave like an immune system for networks - fighting against threats from outside the organization and within. This 'immune system' technology analyzes raw network traffic with no human involvement, learning and adapting to your organization's growth. It is now a crucial part of defending networks and data against the ever-evolving threats targeting Canadian organizations.

Additionally, in the same manner that the human immune system can respond to foreign bacteria or viruses in your body, this new generation of cyber technology can similarly produce digital antibodies that have the ability to take action, when they detect a serious threat. This may include isolating the infected machine or slowing down network activity until a human is available to assess the breach. Digital antibodies effectively allow a company to defuse fast-moving attacks, including ransomware.

Threats today are simply too smart, and too fast for experts to keep up. Businesses are realizing now that they cannot avoid being targeted, and instead are using the 'immune system' methods to spot the emerging signs of illness. Networks, just like bodies, must be secured from the inside. By internalizing defensive mechanisms, the 'immune system' approach can detect and combat the next major virus just as the body does.